Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.8 HIGH
CVE-2026-52908 — RDMA: During rereg_mr ensure that REREG_ACCESS is compatible

In the Linux kernel, the following vulnerability has been resolved: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible If IB_MR_REREG_ACCESS changes from RO to RW then the umem has to be …

Jun 19, 2026 Jun 28, 2026
Jun 19, 2026
Jun 28, 2026
3.0 LOW
CVE-2026-49358 — PhpWeasyPrint vulnerable to arbitrary file deletion at shutdown via public $temporaryFiles

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, `AbstractGenerator::$temporaryFiles` is a public array, and `removeTemporaryFiles()` — invok…

| Path Traversal
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
6.3 MEDIUM
CVE-2026-21768 — HCL Verse for Android is susceptible to an injection vulnerability

The compose-rich-editor library (v1.0.0-rc14) used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content to be executed i…

| Cross-Site Scripting
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.5 HIGH
CVE-2025-71326 — AVAST Antivirus 25.11 Unquoted Service Path Privilege Escalation

AVAST Antivirus 25.11 contains an unquoted service path vulnerability in the SecureLine service that allows local non-privileged users to execute code with elevated SYSTEM privileges. Attackers can e…

antivirus | Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2023-54353 — Chromacam 4.0.3.0 Unquoted Service Path Privilege Escalation

Chromacam 4.0.3.0 contains an unquoted service path vulnerability in the PsyFrameGrabberService that allows local attackers to execute arbitrary code by placing malicious executables in unquoted path…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2022-50971 — Malwarebytes 4.5 Unquoted Service Path Privilege Escalation

Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the system root path…

malwarebytes | Misconfiguration
Jun 19, 2026 Jun 26, 2026
Jun 19, 2026
Jun 26, 2026
8.5 HIGH
CVE-2021-47985 — Brother SAPSprint 7.60 Unquoted Service Path Privilege Escalation

Brother SAPSprint 7.60 contains an unquoted service path vulnerability in the SAPSprint service binary that allows local attackers to escalate privileges. Attackers can place a malicious executable i…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2020-37254 — Wondershare PDFelement 5.2.9 Privilege Escalation via Unquoted Service Path

Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the…

pdfelement | Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2020-37253 — Winstep 18.06.0096 Unquoted Service Path Privilege Escalation

Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the P…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2020-37252 — Realtek Audio Service 1.0.0.55 Unquoted Service Path Privilege Escalation

Realtek Audio Service 1.0.0.55 contains an unquoted service path vulnerability in RtkAudioService64.exe that allows local attackers to escalate privileges by injecting malicious code. Attackers can p…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2020-37251 — RealTimes Desktop Service 18.1.4 Unquoted Service Path Privilege Escalation

RealTimes Desktop Service 18.1.4 contains an unquoted service path vulnerability in the rpdsvc.exe binary that allows local attackers to escalate privileges. Attackers can place malicious executables…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2020-37250 — TFTP Broadband 4.3.0.1465 Unquoted Service Path Privilege Escalation

TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can p…

| Misconfiguration
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.5 HIGH
CVE-2019-25747 — Network Inventory Advisor 5.0.26.0 Unquoted Service Path Privilege Escalation

Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate dir…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2016-20095 — Matrix42 Remote Control Host 3.20.0031 Unquoted Path Privilege Escalation

Matrix42 Remote Control Host 3.20.0031 contains an unquoted service path vulnerability in the FastViewerRemoteService and FastViewerRemoteProxy services that allows local users to execute arbitrary c…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2016-20094 — AnyDesk 2.5.0 Unquoted Service Path Elevation of Privilege

AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert mal…

anydesk | Misconfiguration
Jun 19, 2026 Jun 26, 2026
Jun 19, 2026
Jun 26, 2026
8.5 HIGH
CVE-2016-20093 — Wise Care 365 4.27 and Wise Disk Cleaner 9.29 Unquoted Service Path Privilege Escalation

Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary co…

wise_care_365 | Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2016-20092 — NetDrive 2.6.12 Unquoted Service Path Elevation of Privilege

NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2_Service_Netdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can inse…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
8.5 HIGH
CVE-2016-20091 — Windows Firewall Control 4.8.6.0 Unquoted Service Path Privilege Escalation

Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers c…

| Misconfiguration
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.5 HIGH
CVE-2016-20090 — Comodo Dragon Browser 52.15.25.663 Privilege Escalation via Unquoted Service Path

Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM privileges. A local att…

| Misconfiguration
Jun 19, 2026 Jun 22, 2026
Jun 19, 2026
Jun 22, 2026
8.5 HIGH
CVE-2016-20089 — Iperius Remote 1.7.0 Unquoted Service Path Elevation of Privilege

Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When install…

| Misconfiguration
Jun 19, 2026 Jun 23, 2026
Jun 19, 2026
Jun 23, 2026
Showing 20 of 8025 Results